Submitted URL: http://bit.ly/gasgiftcard533
Effective URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&...
Submission: On September 13 via manual from US — Scanned from DE

Summary

This website contacted 8 IPs in 5 countries across 11 domains to perform 23 HTTP transactions. The main IP is 2.58.213.98, located in Netherlands and belongs to LEASEWEB-NL-AMS-01 Netherlands, NL. The main domain is wirhabenglueck.de.
TLS certificate: Issued by R3 on August 30th 2021. Valid for: 3 months.
This is the only time wirhabenglueck.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 104.21.61.59 13335 (CLOUDFLAR...)
1 1 172.67.170.186 13335 (CLOUDFLAR...)
1 1 31.170.100.125 201942 (SOLTIA)
1 1 2.58.213.97 60781 (LEASEWEB-...)
1 5 2.58.213.98 60781 (LEASEWEB-...)
11 195.181.174.6 60068 (CDN77 ^_^)
2 74.125.133.95 15169 (GOOGLE)
1 66.102.1.94 15169 (GOOGLE)
1 52.217.205.16 16509 (AMAZON-02)
2 172.67.30.225 13335 (CLOUDFLAR...)
23 8
Domain Requested by
11 1892897091.rsc.cdn77.org wirhabenglueck.de
5 wirhabenglueck.de 1 redirects discofoxfiles.com
wirhabenglueck.de
1892897091.rsc.cdn77.org
2 cdn.aimtell.io s3.amazonaws.com
2 fonts.googleapis.com wirhabenglueck.de
1892897091.rsc.cdn77.org
1 s3.amazonaws.com wirhabenglueck.de
1 fonts.gstatic.com fonts.googleapis.com
1 das-haben-wir.de 1 redirects
1 track.frienciple.com 1 redirects
1 p.arty2night.com 1 redirects
1 discofoxfiles.com
1 bit.ly 1 redirects
23 11

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year
wirhabenglueck.de | R3 | 2021-08-30 - 2021-11-28 | 3 months
www.cdn77.com | R3 | 2021-07-15 - 2021-10-13 | 3 months
upload.video.google.com | GTS CA 1O1 | 2021-08-23 - 2021-11-15 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2021-06-23 - 2022-07-24 | a year

This page contains 1 frames:

Primary Page: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Frame ID: B306D237FF6E966EE14B3879157F901E
Requests: 23 HTTP requests in this frame

Page Title

Gewinnen Sie 4 leckere Menüs!

Page URL History

  1. http://bit.ly/gasgiftcard533 HTTP 301
    https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id= Page URL
  2. https://p.arty2night.com/click?pid=1211&offer_id=5640&sub1=1114450685&sub2=317977 HTTP 302
    https://track.frienciple.com/ofsy/7024e318-ea12a960-bb5a5c9c-fc77-57ba/9f85ed25-660e1432-589227ed-5a1b-f2... HTTP 303
    https://das-haben-wir.de/fpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c... HTTP 307
    http://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a... HTTP 301
    https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • cdn\.aimtell\.\w+/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 23
HTTPS: 96 %
IPv6: 0 %
Domains: 11
Subdomains: 11
IPs: 8
Countries: 5
Transfer: 704 kB
Size: 1061 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/gasgiftcard533 HTTP 301
    https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id= Page URL
  2. https://p.arty2night.com/click?pid=1211&offer_id=5640&sub1=1114450685&sub2=317977 HTTP 302
    https://track.frienciple.com/ofsy/7024e318-ea12a960-bb5a5c9c-fc77-57ba/9f85ed25-660e1432-589227ed-5a1b-f243?Subid=1211&sub_pubid=317977&externalid=613e98864bf9e10001a9f121 HTTP 303
    https://das-haben-wir.de/fpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211 HTTP 307
    http://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030 HTTP 301
    https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.ly/gasgiftcard533 HTTP 301
  • https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id=

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
show.php
discofoxfiles.com/
Redirect Chain
  • http://bit.ly/gasgiftcard533
  • https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id=
621 B
844 B
Document
General
Full URL
https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.21.61.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
discofoxfiles.com
:scheme
https
:path
/show.php?l=0&u=317977&id=37208&tracking_id=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 13 Sep 2021 00:17:10 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwEm24MHUH%2FM1bSPNMuVzbb6hUOgI8Hw4j6scCFOr7axcrrVp1e7QKCNE644venG5M%2F6jh14DYRV9YJpwBt1BHqtAYon0AD3st2AMZH55BdpmDczV8urr7aSs7GFLeTEuHgQEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68dd30e78b68d721-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx
Date
Mon, 13 Sep 2021 00:17:10 GMT
Content-Type
text/html; charset=utf-8
Content-Length
168
Cache-Control
private, max-age=90
Location
https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id=
Set-Cookie
_bit=l8d0ha-58a0ba1b17b24ab78f-00u; Domain=bit.ly; Expires=Sat, 12 Mar 2022 00:17:10 GMT
Via
1.1 google
Primary Request redirpage
wirhabenglueck.de/
Redirect Chain
  • https://p.arty2night.com/click?pid=1211&offer_id=5640&sub1=1114450685&sub2=317977
  • https://track.frienciple.com/ofsy/7024e318-ea12a960-bb5a5c9c-fc77-57ba/9f85ed25-660e1432-589227ed-5a1b-f243?Subid=1211&sub_pubid=317977&externalid=613e98864bf9e10001a9f121
  • https://das-haben-wir.de/fpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211
  • http://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
  • https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
24 KB
24 KB
Document
General
Full URL
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Requested by
Host: discofoxfiles.com
URL: https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.58.213.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
605438ee81564169fec1ca8003a6bd8b058fa8daca05dfd45f46df115ba91564
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

:method
GET
:authority
wirhabenglueck.de
:scheme
https
:path
/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://discofoxfiles.com/show.php?l=0&u=317977&id=37208&tracking_id=

Response headers

server
nginx
date
Mon, 13 Sep 2021 00:17:12 GMT
content-type
text/html; charset=utf-8
x-application-context
application:prod
strict-transport-security
max-age=63072000
x-frame-options
DENY

Redirect headers

Server
nginx
Date
Mon, 13 Sep 2021 00:17:11 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
Location
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
ndtApp.js
1892897091.rsc.cdn77.org/cam/app/js/
304 KB
76 KB
Script
General
Full URL
https://1892897091.rsc.cdn77.org/cam/app/js/ndtApp.js
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
5965022bb86bd2e2936d34cce489d934bac29f3ead144be9c577163c74d994ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-nzt
AcO1rgWT2B/v9CQHAA==
x-accel-expires
@1632060820
date
Mon, 13 Sep 2021 00:17:12 GMT
content-encoding
br
etag
W/"60867804-4bf69"
last-modified
Mon, 26 Apr 2021 08:21:24 GMT
server
CDN77-Turbo
x-77-nzt-ray
0ak30KhDgqw=
x-frame-options
DENY
x-77-cache
HIT
content-type
application/javascript; charset=utf-8
x-cache
HIT
strict-transport-security
max-age=63072000
x-age
468212
x-77-pop
frankfurtDE
css
fonts.googleapis.com/
3 KB
870 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Heebo:400,500,600,700&display=swap
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f95.1e100.net
Software
ESF /
Resource Hash
51b055f7afc783ad562209e85f7aeec6781421a4a1c4fc1f561b311eeabea3c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 00:17:12 GMT
server
ESF
date
Mon, 13 Sep 2021 00:17:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Sep 2021 00:17:12 GMT
ndtApp.css
1892897091.rsc.cdn77.org/cam/app/css/
100 KB
12 KB
Stylesheet
General
Full URL
https://1892897091.rsc.cdn77.org/cam/app/css/ndtApp.css
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
35a3d10dfd8578633638594c87839819ae67aab60b838e92e77b02010d00212b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-nzt
AcO1rgV4x67v9CQHAA==
x-accel-expires
@1632060820
date
Mon, 13 Sep 2021 00:17:12 GMT
content-encoding
br
etag
W/"60867804-19023"
last-modified
Mon, 26 Apr 2021 08:21:24 GMT
server
CDN77-Turbo
x-77-nzt-ray
2jNAtdO3mxM=
x-frame-options
DENY
x-77-cache
HIT
content-type
text/css
x-cache
HIT
strict-transport-security
max-age=63072000
x-age
468212
x-77-pop
frankfurtDE
sovendus-layover.js
1892897091.rsc.cdn77.org/cam/DE/js/
9 KB
2 KB
Script
General
Full URL
https://1892897091.rsc.cdn77.org/cam/DE/js/sovendus-layover.js
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
6326544323c19192908049055c9c673d418d3162e22c1d62a67e744ce2d23489
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-nzt
AcO1rgW62mvv9CQHAA==
x-accel-expires
@1632060820
date
Mon, 13 Sep 2021 00:17:12 GMT
content-encoding
br
etag
W/"5f3fb240-22ea"
last-modified
Fri, 21 Aug 2020 11:38:40 GMT
server
CDN77-Turbo
x-77-nzt-ray
9R73sRNR6Ow=
x-frame-options
DENY
x-77-cache
HIT
content-type
application/javascript; charset=utf-8
x-cache
HIT
strict-transport-security
max-age=63072000
x-age
468212
x-77-pop
frankfurtDE
push.js
wirhabenglueck.de/
535 B
725 B
Script
General
Full URL
https://wirhabenglueck.de/push.js
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.58.213.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b4e711d8fcc6b1ba70852ac681a7d0570f33e4694b01401f2cbbe10c9e313138
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

:path
/push.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
wirhabenglueck.de
referer
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 00:17:12 GMT
last-modified
Tue, 09 Mar 2021 12:43:23 GMT
server
nginx
etag
"60476d6b-217"
x-frame-options
DENY
content-type
application/javascript; charset=utf-8
strict-transport-security
max-age=63072000
accept-ranges
bytes
content-length
535
css
fonts.googleapis.com/
6 KB
741 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500
Requested by
Host: 1892897091.rsc.cdn77.org
URL: https://1892897091.rsc.cdn77.org/cam/app/css/ndtApp.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f95.1e100.net
Software
ESF /
Resource Hash
d4876c12b071f74470f52c0404d10730ab271ae769c2c407fe131dae8b33e236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1892897091.rsc.cdn77.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 12 Sep 2021 22:32:17 GMT
server
ESF
date
Mon, 13 Sep 2021 00:17:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 13 Sep 2021 00:17:12 GMT
banner.jpg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/
136 KB
136 KB
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/banner.jpg
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d823f5ddbeb110aefa4824172606bb1536f67a49e6e10b401d4f80d5dc25794a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Sep 2021 00:17:12 GMT
x-77-nzt-ray
xNAc9XKJzdg=
x-77-cache
HIT
x-cache
HIT
x-age
850185
content-length
138811
x-77-nzt
AcO1rgVMDVzvCfkMAA==
x-accel-expires
@1631678847
last-modified
Fri, 15 May 2020 05:55:25 GMT
server
CDN77-Turbo
x-frame-options
DENY
etag
"5ebe2ecd-21e3b"
strict-transport-security
max-age=63072000
content-type
image/jpeg
accept-ranges
bytes
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v12/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v12/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo:400,500,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f94.1e100.net
Software
sffe /
Resource Hash
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wirhabenglueck.de
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 21:57:00 GMT
x-content-type-options
nosniff
age
526812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27116
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:13:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 21:57:00 GMT
get
wirhabenglueck.de/rest/agree/
979 B
1 KB
XHR
General
Full URL
https://wirhabenglueck.de/rest/agree/get?sessionId=64464030
Requested by
Host: 1892897091.rsc.cdn77.org
URL: https://1892897091.rsc.cdn77.org/cam/app/js/ndtApp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.58.213.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
70146b695e4e302dae7862c7ce3ba532ff478f02f3d9454e6a9189287f6b4bef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

:path
/rest/agree/get?sessionId=64464030
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
wirhabenglueck.de
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
:method
GET
Accept
application/json, text/plain, */*
Referer
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 00:17:12 GMT
server
nginx
strict-transport-security
max-age=63072000
content-length
979
x-frame-options
DENY
x-application-context
application:prod
content-type
text/plain; charset=utf-8
get
wirhabenglueck.de/rest/disclaimer/
417 B
571 B
XHR
General
Full URL
https://wirhabenglueck.de/rest/disclaimer/get?sessionId=64464030
Requested by
Host: 1892897091.rsc.cdn77.org
URL: https://1892897091.rsc.cdn77.org/cam/app/js/ndtApp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.58.213.98 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
f7c2598b3814d2292324e9cc532764a572d69abe176a4d8354a83d42a26b1ddb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

:path
/rest/disclaimer/get?sessionId=64464030
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
wirhabenglueck.de
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
:method
GET
Accept
application/json, text/plain, */*
Referer
https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 00:17:12 GMT
server
nginx
strict-transport-security
max-age=63072000
content-length
417
x-frame-options
DENY
x-application-context
application:prod
content-type
text/plain; charset=utf-8
security_tag.png
wirhabenglueck.de/cam/img/
0
0

bag.png
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/
39 KB
39 KB
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/bag.png
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
47beaa5bc0502ae7da6416d95b32f4cf93f678e0488efc64d417671916c82d00
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Sep 2021 00:17:12 GMT
x-77-nzt-ray
ci6KythUw3o=
x-77-cache
HIT
x-cache
HIT
x-age
190027
content-length
39970
x-77-nzt
AcO1rgXKcAXvS+YCAA==
x-accel-expires
@1632339005
last-modified
Fri, 15 May 2020 07:36:59 GMT
server
CDN77-Turbo
x-frame-options
DENY
etag
"5ebe469b-9c22"
strict-transport-security
max-age=63072000
content-type
image/png
accept-ranges
bytes
icon.png
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/
3 KB
3 KB
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/icon.png
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
a9f1e4c8d46dbc4c548219edaab9ce1bd1e1f4942e54767c84991873860f402d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Sep 2021 00:17:12 GMT
x-77-nzt-ray
96am33puWzc=
x-77-cache
HIT
x-cache
HIT
x-age
850185
content-length
2706
x-77-nzt
AcO1rgWJGljvCfkMAA==
x-accel-expires
@1631678847
last-modified
Fri, 15 May 2020 08:37:27 GMT
server
CDN77-Turbo
x-frame-options
DENY
etag
"5ebe54c7-a92"
strict-transport-security
max-age=63072000
content-type
image/png
accept-ranges
bytes
security_tag.png
1892897091.rsc.cdn77.org/cam/img/
22 KB
22 KB
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/img/security_tag.png
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
f2c224d47e69d0cc93780cd3590c0b1474aacf62c240d4f7b4b877b9f3f8c1cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Sep 2021 00:17:12 GMT
x-77-nzt-ray
wscVlavcuwY=
x-77-cache
HIT
x-cache
HIT
x-age
468212
content-length
22444
x-77-nzt
AcO1rgWN6Nrv9CQHAA==
x-accel-expires
@1632060820
last-modified
Mon, 01 Oct 2018 08:24:06 GMT
server
CDN77-Turbo
x-frame-options
DENY
etag
"5bb1d9a6-57ac"
strict-transport-security
max-age=63072000
content-type
image/png
accept-ranges
bytes
trackpush.min.js
s3.amazonaws.com/cdn.aimtell.com/trackpush/
46 KB
13 KB
Script
General
Full URL
https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/push.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.205.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
839741000c77d2606bc8b695ba0bb9cc4b8ef484f8b6babd649e6bef0d607f3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 00:17:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Aug 2021 21:49:58 GMT
Server
AmazonS3
x-amz-request-id
RGJ0MJQKX75PRM7K
ETag
"7b9b2666c275fd54fa2196529ed1929e"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
13023
x-amz-id-2
pfKq5rVav2kLrceY8Mp1Wb2GwCi5S429dPHlcHgWO19aNnmBkzjnFUpuZc+fTsbNWoPxi9mwzTs=
after.svg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/
723 B
738 B
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/after.svg
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
be4fc0e8eeafe0023d348f3412d047246bd08ee3e89246df54d116b5f740b0ed
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-nzt
AcO1rgUxeaHvCfkMAA==
x-accel-expires
@1631678847
date
Mon, 13 Sep 2021 00:17:12 GMT
content-encoding
br
etag
W/"5ebe4fb9-2d3"
last-modified
Fri, 15 May 2020 08:15:53 GMT
server
CDN77-Turbo
x-77-nzt-ray
sVsuGd/bgdU=
x-frame-options
DENY
x-77-cache
HIT
content-type
image/svg+xml
x-cache
HIT
strict-transport-security
max-age=63072000
x-age
850185
x-77-pop
frankfurtDE
menu.png
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/
340 KB
340 KB
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/menu.png
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
d94896a3e8776fbf7323e4c12e6253b8831e4885895a45a41e574b5ae25d070a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 13 Sep 2021 00:17:12 GMT
x-77-nzt-ray
UNwEVaIli+0=
x-77-cache
HIT
x-cache
HIT
x-age
850185
content-length
347708
x-77-nzt
AcO1rgXplxrvCfkMAA==
x-accel-expires
@1631678847
last-modified
Fri, 15 May 2020 07:36:36 GMT
server
CDN77-Turbo
x-frame-options
DENY
etag
"5ebe4684-54e3c"
strict-transport-security
max-age=63072000
content-type
image/png
accept-ranges
bytes
sticker.svg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/
194 B
464 B
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/sticker.svg
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
2db94dde3fe2d311a1745f2602bc6a849d19f5d5d5735f34947df3add6b5beaf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-nzt
AcO1rgXq1FnvS+YCAA==
x-accel-expires
@1632339005
date
Mon, 13 Sep 2021 00:17:12 GMT
content-encoding
br
etag
W/"5ebe45fa-c2"
last-modified
Fri, 15 May 2020 07:34:18 GMT
server
CDN77-Turbo
x-77-nzt-ray
ifo+Nyrwqjs=
x-frame-options
DENY
x-77-cache
HIT
content-type
image/svg+xml
x-cache
HIT
strict-transport-security
max-age=63072000
x-age
190027
x-77-pop
frankfurtDE
bg.svg
1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/
404 B
544 B
Image
General
Full URL
https://1892897091.rsc.cdn77.org/cam/campaigns/McDonalds/bg.svg
Requested by
Host: wirhabenglueck.de
URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.181.174.6 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
frankfurt-1.cdn77.com
Software
CDN77-Turbo /
Resource Hash
040083ca2fe802077c243837101a8d94d4796d21d9e28bacaec5baaa3bcdb53e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-nzt
AcO1rgUzPTDvCfkMAA==
x-accel-expires
@1631678847
date
Mon, 13 Sep 2021 00:17:12 GMT
content-encoding
br
etag
W/"5ebe46ee-194"
last-modified
Fri, 15 May 2020 07:38:22 GMT
server
CDN77-Turbo
x-77-nzt-ray
AUVwmoFzEZI=
x-frame-options
DENY
x-77-cache
HIT
content-type
image/svg+xml
x-cache
HIT
strict-transport-security
max-age=63072000
x-age
850185
x-77-pop
frankfurtDE
23271-161906366efd.json
cdn.aimtell.io/config/optin/
435 B
866 B
XHR
General
Full URL
https://cdn.aimtell.io/config/optin/23271-161906366efd.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.30.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd6db47333555e2d860270277213ae09b5c52a6f78cca4e2466713afa20de6b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 00:17:13 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
DYNAMIC
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
321
access-control-allow-origin
*
last-modified
Mon, 16 Aug 2021 12:29:21 GMT
server
cloudflare
etag
"0688d98cd69ef3145503cc90f3e54b5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
68dd30f76e154126-PRG
x-amz-cf-id
GICd7zYL5Tz9UoSRQGHVThri7QhdTpkWdhIm9Fkyn7hSk2eWtyYOtg==
23271-161906366efd.json
cdn.aimtell.io/config/
191 B
362 B
XHR
General
Full URL
https://cdn.aimtell.io/config/23271-161906366efd.json
Requested by
Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.30.225 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c82984d6351e635cc9422937680205eccf44b662dd84d0a966f3dc98f2253618

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wirhabenglueck.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 00:17:13 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
DYNAMIC
x-amz-cf-pop
PRG50-C1
x-cache
Miss from cloudfront
content-length
148
access-control-allow-origin
*
last-modified
Mon, 16 Aug 2021 12:29:28 GMT
server
cloudflare
etag
"ef41079d3457a8c0bcc85d4e81fa2cef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 9b9ab8e6e595847652a9158c684a8926.cloudfront.net (CloudFront)
access-control-expose-headers
ETag
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
68dd30fb2fac4126-PRG
x-amz-cf-id
f_cJbT_2-cleQPH6eCtQyyUftVP1fHGjlpjAJEzhWZXepu1zhDTOfg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wirhabenglueck.de
URL
https://wirhabenglueck.de/cam/img/security_tag.png

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| configs object| __core-js_shared__ object| core function| showTerms function| showPolicy function| showSponsors function| showWiderruf function| showImpressum function| showAdditionalContent function| showLander function| onPrelanderAnswerButtonClick number| OPEN_LIMIT string| CLOSE_CLASS number| openedCount string| MODAL_HTML string| MODAL_STYLES function| injectMicroModalScript function| injectCloseEvent function| injectModalStyles function| appendModal function| closeModal function| injectMouseEvent function| removeMouseEvent function| onMouseMove function| injectFlexIFrameScript function| getSessionId function| getTimestamp function| generateBirthDate function| generatePolitePhrase function| generatePhoneNumber function| injectSovendusData function| initSovendusLayover function| onQuestionsDisplay object| _at undefined| _aimtellPushToken boolean| _aimtellRanScript string| _aimtellSubscriberID undefined| _aimtellRefreshResult object| trackData object| _aimtellTrackData undefined| _aimtellDebug undefined| aimtellDebugBox string| _aimtellAPI boolean| _aimtellSWInitiated boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue number| _aimtellDebugQueueActive boolean| _aimtellPrompted object| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration object| _aimtellFunnelPixel string| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| 
_aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| _aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc undefined| logid undefined| subscriber_uid undefined| webURL function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellSafariRun function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| 
_aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| _aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| _aimtellCheckConflictWorker function| _aimtellInitWorker function| _aimtellForceRefreshSW

4 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: l8d0ha-58a0ba1b17b24ab78f-00u
p.arty2night.com/ Name: afclick
Value: 613e98864bf9e10001a9f121
p.arty2night.com/ Name: afoffers
Value: {"5640":1631492230}
wirhabenglueck.de/ Name: _aimtellSubscriberID
Value: e139fe2e-dabd-9f0e-9f92-ebd5ce8fc730

1 Console Messages

Source Level URL
Text
other error URL: https://wirhabenglueck.de/redirpage?country=de&pub=160&cam=1234&service=1234&s1=7024e318-ea12a960-bb5a5c9c-fc77-57ba_1211&s2=M2021091300-d65a9554340edb678914556d161ef409&s3=1211&sessionId=64464030#
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
